Facebook hackers pwn baseball team pages, claim NY Yankees captain is having sex change

Filed Under: Facebook, Featured, Social networks

A host of Facebook accounts belonging to US baseball teams were hacked yesterday, and defaced with messages in dubious taste, including one which claimed that New York Yankees captain Derek Jeter was undergoing a sex change.

Message posted on New York Yankees Facebook page

"We regret to inform our fans that Derek Jeter will miss the rest of the season with sexual reassignment surgery. He promises to come back stronger than ever in 2013 as Minnie Mantlez"

Other clubs affected included the Miami Marlins, San Diego Padres, Chicago White Sox, Washington Nationals, Chicago Cubs and San Francisco Giants.

Here is a selection of the messages that were posted:

Messages posted on Facebook pages belonging to Miami Marlins and San Diego Padres

Message posted on Chicago White Sox Facebook page

Clearly an unauthorised party had managed to gain admin access to the Facebook pages in order to post the messages - and the first thought is that it would be a very strange coincidence to have the Facebook pages of so many clubs compromised at the same time.

However, it turns out that the clubs run the Facebook pages in conjunction with MLB Advanced Media.

One possible scenario is that an MLB Advanced Media employee was sloppy with their password (maybe they weren't using a hard-to-guess password, or maybe they were using a password that they had also been using elsewhere on the net), allowing a hacker to gain access and post the inappropriate content.

A spokesperson for the baseball league told the Wall Street Journal that they were working with Facebook and law enforcement to see if they could identify what had happened, and who might have been responsible:

"For a brief moment today, a few MLB Club Facebook accounts were hacked and inappropriate material was briefly on display from those Clubs' pages on Facebook. MLB Advanced Media oversees these Facebook pages on behalf of the Clubs and regrets this occurrence. We are working with Facebook, Major League Baseball Security and, where appropriate, legal authorities to determine the circumstances surrounding this situation."

Baseball player. Image from ShutterstockI guess everyone should be grateful that the hacker didn't exploit their access to the baseball clubs' Facebook pages by posting something more malicious - such as links to malware-infected pages - that could have impacted thousands of sports fans.

This isn't, of course, the first time that Facebook fan pages have been hacked and unauthorised posts made. There have been a wide variety of victims in the past, ranging from Viagra manufacturer Pfizer, Nicolas Sarkozy, and last year the rapper Soulja Boy who blamed a hacker for a series of racist and homophobic rants.

Perhaps the most embarrassing incident of this nature was when Facebook's own CEO, Mark Zuckerberg, had his official fan page hacked via an API bug.

Make sure that you keep informed about the latest security and privacy issues on Facebook. Join the Sophos page on Facebook, where over 190,000 people regularly share information on threats and discuss the latest security news.

Baseball player image from Shutterstock.

, , , , , , , , , , ,

You might like

3 Responses to Facebook hackers pwn baseball team pages, claim NY Yankees captain is having sex change

  1. timandm · 621 days ago

    Like many people, I am frustrated to no ends, with the number of viruses my computers have gotten over the years, and with the number of problems I have had online because of hackers...... Lately, I've been wondering WHY hackers and virus creators can't be stopped??? I realize one might say the same of any criminal; why can't repeat rapists be stopped? Why can't repeat DUI offenders be stopped? Why can't Bill O'Reily be stopped? (Okay, that one was a joke.)

    But what DOES actually happen to hackers and virus creators that are caught? Are they REALLY punished? Is there any REAL deterrence in place? If the only punishment a hacker or virus creator is going to face is a slap on the wrist, then why WOULDN'T they take the risk?

    These hacks and viruses and all this malware actually does affect lives...The total damage is never fully seen by the public... My doctoral dissertation was gobbled up by when my computers at the lab were infected (we had Norton Utilities at the time.) I couldn't graduate on time because I had to reconstruct my thesis from the saved data and what not.... Did the virus creator care that my wife and kids were depending on me (on a grad. student salary) to take care of them? Or that I missed a lost out on a job opportunity because I couldn't graduate on time? The entire course of my life was altered by what someone thought was a joke....

    How many of these people are actually caught? How many of them are actually punished? How many get a simple slap on the wrist because their crime wasn't malicious, but rather, mischievous?

    I believe hackers and creators of viruses create more problems and cause far more damage than most of them are even aware of... So...how do we stop them if we don't take this more seriously?

  2. Tony Burgio · 621 days ago

    I'm no baseball fan, but frankly, this is absolutely hilarious.

  3. Vera L. Foote · 621 days ago

    I am a baseball fan, and frankly, I think this is SICK!!

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley is an award-winning security blogger, and veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.